Oh and just for everyone's peace of mind: We don't store any personal information about anyone. All a data breach would give anyone would be your tweb username/encrypted password and email address.
Also on the Vbulletin forum, Vbulletin was asked about the encryption on the password database and they replied.
"Salted* and MD5 hashed; it is next to impossible to retrieve and view a password even if the database is compromised."
So I am still not convinced we have had an actual breach. This thread is just to be safe.
*In cryptography, a salt is random data that is used as an additional input to a one-way function that hashes data, a password or passphrase. Salts are used to safeguard passwords in storage. ... Salting is one such protection. A new salt is randomly generated for each password. https://en.wikipedia.org/wiki/Salt_(cryptography)
-
Always a good practice.Originally posted by Cerebrum123 View Post
I also suggest using a password manager to keep track of all of your passwords.
Firefox and Chrome have built in password managers, but there are other ones that will work across various devices and apps so you don't have to keep storing passwords in multiple places. most have good free versions with paid versions for extra features, like automatic password changing, etc.
https://www.lastpass.com
https://bitwarden.com/
https://1password.com
Most work by having a Master password to access the rest of your passwords. Just make sure your master password is very secure and not one you use anywhere else. Best practices is to use a password phrase. Just make up some nonsense phrase that you can remember and type easy but make it at least 12 characters long. Something like "I eat cardboard" or "Unicorns fart chocolate" "My dog is a moron"
Rats! Now I have to change all of my passwords again!
Leave a comment:
-
Changed my password, I already used a different one for other sites fortunately if this were the case.Leave a comment:
-
Possible Data Breach
Juvenal contacted me and said that Chrome had reported his unique password for Tweb as being found in a data breach.
I haven't seen anything in my password checkers, (Last Pass, Have I been pwned, or Chrome) myself, nor have I seen any indications of a break in on our server, but I wanted to give a heads up to everyone about this.
You should change your password to be safe (you should change it often as well regardless for good security. And don't use the same password here as you do other sites, especially anything financial). I have changed the root password on our server and server account login.
| Topics | Statistics | Last Post | ||
|---|---|---|---|---|
|
Sticky:
Tweb slowness
|
9 responses
45 views
1 like
|
by One Bad Pig
Yesterday, 12:24 PM
|
||
|
204 responses
2,702 views
1 like
|
by Sparko
04-03-2024, 02:51 PM
|
Leave a comment: